summaryrefslogtreecommitdiffstats
path: root/security
Commit message (Expand)AuthorAgeFilesLines
* efi: Only print errors about failing to get certs if EFI vars are foundJavier Martinez Canillas2020-03-121-14/+26
* ima: ima/lsm policy rule loading logic bug fixesJanne Karhunen2020-03-051-18/+26
* selinux: ensure we cleanup the internal AVC counters on error in avc_update()Jaihind Yadav2020-02-241-1/+1
* selinux: ensure we cleanup the internal AVC counters on error in avc_insert()Paul Moore2020-02-241-27/+24
* selinux: fall back to ref-walk if audit is requiredStephen Smalley2020-02-143-26/+17
* selinux: fix regression introduced by move_mount(2) syscallStephen Smalley2020-02-141-0/+10
* selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link"Stephen Smalley2020-02-143-4/+30
* broken ping to ipv6 linklocal addresses on debian busterCasey Schaufler2020-02-111-22/+19
* tomoyo: Use atomic_t for statistics counterTetsuo Handa2020-02-051-7/+4
* tomoyo: Suppress RCU warning at list_for_each_entry_rcu().Tetsuo Handa2020-01-174-13/+26
* apparmor: fix aa_xattrs_match() may sleep while holding a RCU lockJohn Johansen2020-01-093-42/+46
* tomoyo: Don't use nifty names on sockets.Tetsuo Handa2020-01-041-31/+1
* apparmor: fix unsigned len comparison with less than zeroColin Ian King2020-01-041-5/+7
* efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMINJavier Martinez Canillas2019-10-311-0/+1
* Merge tag 'selinux-pr-20191007' of git://git.kernel.org/pub/scm/linux/kernel/...Linus Torvalds2019-10-081-1/+8
|\
| * selinux: fix context string corruption in convert_context()Ondrej Mosnacek2019-10-031-1/+8
* | integrity: remove pointless subdir-$(CONFIG_...)Masahiro Yamada2019-10-051-2/+0
* | integrity: remove unneeded, broken attempt to add -fshort-wcharMasahiro Yamada2019-10-051-1/+0
* | Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git...Linus Torvalds2019-09-2810-16/+350
|\ \
| * | security: constify some arrays in lockdown LSMMatthew Garrett2019-09-101-2/+2
| * | lockdown: Print current->comm in restriction messagesMatthew Garrett2019-08-191-2/+6
| * | tracefs: Restrict tracefs when the kernel is locked downMatthew Garrett2019-08-191-0/+1
| * | debugfs: Restrict debugfs when the kernel is locked downDavid Howells2019-08-191-0/+1
| * | kexec: Allow kexec_file() with appropriate IMA policy when locked downMatthew Garrett2019-08-193-1/+53
| * | lockdown: Lock down perf when in confidentiality modeDavid Howells2019-08-191-0/+1
| * | bpf: Restrict bpf when kernel lockdown is in confidentiality modeDavid Howells2019-08-191-0/+1
| * | lockdown: Lock down tracing and perf kprobes when in confidentiality modeDavid Howells2019-08-191-0/+1
| * | lockdown: Lock down /proc/kcoreDavid Howells2019-08-191-0/+1
| * | x86/mmiotrace: Lock down the testmmiotrace moduleDavid Howells2019-08-191-0/+1
| * | lockdown: Lock down module params that specify hardware parameters (eg. ioport)David Howells2019-08-191-0/+1
| * | lockdown: Lock down TIOCSSERIALDavid Howells2019-08-191-0/+1
| * | lockdown: Prohibit PCMCIA CIS storage when the kernel is locked downDavid Howells2019-08-191-0/+1
| * | ACPI: Limit access to custom_method when the kernel is locked downMatthew Garrett2019-08-191-0/+1
| * | x86/msr: Restrict MSR access when the kernel is locked downMatthew Garrett2019-08-191-0/+1
| * | x86: Lock down IO port access when the kernel is locked downMatthew Garrett2019-08-191-0/+1
| * | PCI: Lock down BAR access when the kernel is locked downMatthew Garrett2019-08-191-0/+1
| * | hibernate: Disable when the kernel is locked downJosh Boyer2019-08-191-0/+1
| * | kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCEJiri Bohac2019-08-192-2/+2
| * | kexec_load: Disable at runtime if the kernel is locked downMatthew Garrett2019-08-191-0/+1
| * | lockdown: Restrict /dev/{mem,kmem,port} when the kernel is locked downMatthew Garrett2019-08-191-0/+1
| * | lockdown: Enforce module signatures if the kernel is locked downDavid Howells2019-08-192-0/+2
| * | security: Add a static lockdown policy LSMMatthew Garrett2019-08-195-5/+224
| * | security: Add a "locked down" LSM hookMatthew Garrett2019-08-191-0/+6
| * | security: Support early LSMsMatthew Garrett2019-08-191-8/+42
* | | Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds2019-09-2715-105/+627
|\ \ \
| * | | ima: ima_api: Use struct_size() in kzalloc()Gustavo A. R. Silva2019-08-291-2/+2
| * | | ima: use struct_size() in kzalloc()Gustavo A. R. Silva2019-08-291-3/+2
| * | | ima: Fix use after free in ima_read_modsig()Thiago Jung Bauermann2019-08-281-1/+2
| * | | ima: fix freeing ongoing ahash_requestSascha Hauer2019-08-051-0/+5
| * | | ima: always return negative code for errorSascha Hauer2019-08-051-1/+4
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-21 16:25:19 +0000